Between October 2020 and March 2023 there have been 25 exploits of Web3 projects where the impacted projects were later able to recover some or all of the funds lost. Across these 25 incidents approximately $1.35 billion was stolen, and $992 million (73%) was returned. This year, Euler Finance, Allbridge, and Sentiment Protocol have all conducted successful negotiations with their attackers. But this is an ongoing grey zone. These attackers are not white hats who approach vulnerable protocols with clearly defined bug bounty programs, nor are they black hats who make off with all of the funds stolen. They’re grey hats, and they deserve analysis.
Exploits have plagued the Web3 industry for years, targeting protocols, smart contracts, and software-based applications like self-custody wallets. The outcome of these incidents largely resulted in bad actors stealing assets from their targets and disappearing off the map. However, a number of protocols have been able to successfully negotiate with their attackers to return funds. CertiK identified 25 protocols exploited between October 2020 and March 2023 that had some or all of their funds returned following negotiations with attackers.
Approximately $1.35 billion in funds were stolen
Approximately $992 million in funds were returned (73%)
Approximately $314.5 million was kept by attackers (23.1%)
The reamining 3.9% of funds were either lost or frozen during the process
So far in 2023, eight major exploits – totaling approximately $221.5 million in losses – saw around $188 million returned (84.8%).
Some funds that were not returned were kept as white hat bounties for bringing attention to protocol vulnerabilities. Other unreturned funds were surrendered by protocols in order to meet demands from attackers.
Of these 25 protocols, four saw all their funds returned.
Attackers have approached the return of stolen funds differently. Some returned all stolen funds, while others returned partial amounts or none at all. Due to the initial malicious nature of the exploits, and the subsequent change of heart for some attackers after opening negotiations with their victims, we have categorized these incidents as grey-hat scenarios.
After Cashio.App experienced an exploit where the attacker stole $50 million, they eventually returned funds to investors who had less than $100,000 in their accounts with the remaining money allegedly being sent to charity.
Mango Markets serves as another example, where exploiter Avraham Eisenberg returned approximately $67 million out of the $117 million dollars stolen from the project claiming that his actions were legal and that they were a “highly profitable trading strategy.” Despite reaching an agreement with the protocol, Avraham Eisenberg was later prosecuted by the SEC for orchestrating the attack on Mango Markets.
The cryptocurrency industry has been suffering from increasing exploits and hacks over the past few years. With that said, protocols appear to be engaging in more negotiations with their attackers and getting significant funds returned.
Oftentimes, these negotiations take place in public spaces like social media or in on-chain messages between attackers and their victims. Leaving a note in a transaction to an anonymous hacker is often the only way to get in contact with them.
This could indicate a a growing shift in the industry that leads to less risk and greater security for protocols and investors, especially where projects create market incentives that push attackers to negotiate. To further explore this possibility, we wanted to examine how victims are pursuing different negotiation strategies by analyzing these public negotiations and their end results.
We have chosen to look at how four different protocols (Poly Network, Allbridge, Euler Finance, and Sentiment Protocol) have conducted their negotiations. These protocols were picked since they were large attacks, were mostly successful in their funds being returned, and aside from Poly Network, all of these just took place over the past month. Although these four protocols have different strategies, they also all used a bounty as an incentive for the hacker to return the funds.
On 10 August, 2021, a hacker exploited a vulnerability in Poly Network’s code, allowing them to steal funds in more than 12 different cryptocurrencies for a total loss of more than $610 million. That same day, Poly Network reached out directly to the hacker using an on-chain message asking them to get in touch.
Eventually, they offered a bounty if funds were returned. Poly Network also tweeted an open letter to the hacker saying that “law enforcement in any country will regard this as a major economic crime and you will be pursued.” Finally, Poly Network went as far as flattering the hacker, saying that they “hope it will be remembered as the biggest white hat hack in the [sic] history.”
In response, the hacker said that Poly urged investors and others to blame them before they even had a chance to reply and that they had no intentions of laundering the money. The attacker also communicated with Poly Network via transaction notes during this process, stating their intention to start by returning altcoins and asking if their stolen USDT could be unfrozen in return for returning stolen USDC. Poly Network did not respond to the attacker’s question, which seems to have worked in their favor as the hacker started returning funds to three Poly Network addresses the next day.
The hacker later followed up with a message saying they would provide the final secret key to a multi-sig wallet they would use to return the funds.
Poly Network’s combination of strategies seems to have worked as the hacker eventually returned all the stolen assets that were sent to the multi-sig account. Most of the lost funds were returned to Poly Network except $33 million worth of USDT which were frozen by Tether. In response, Poly Network paid a 160 ETH (approximately $486,000) bug bounty to a separate account created by the hacker. The hacker then returned the bug bounty to Poly Network and asked for that sum to be distributed amongst the impacted investors.
A complete transcript of negotiations between the Poly Network and the hacker can be found here.
On 1 April, 2023, Allbridge suffered an attack targeting their BUSD/USDT pools on BNB Chain. The project originally said that the attack only affected those BNB Chain pools but that the exploit could extend to other pools. To prevent this, the project halted their bridge platform and created a web interface for liquidity pool operators to withdraw their balances.
Just like Poly Network, shortly after the attack, Allbridge announced that the hacker would be offered a white hat bounty and added that they would get immunity from any legal consequences if the stolen funds were returned. On April 3, the team announced that it had received a message from the attacker and 1,500 BNB (approximately $465,000) was returned to the project. This left the hacker with approximately $108,000 worth of assets.
Allbridge also mentioned in the thread that there was another hacker that had used the same technique as the first attacker, but who had not contacted the team yet. Allbridge urged the second hacker to come forward and discuss terms for returning the funds. At the time of writing, there is no indication that the second hacker has reached out to the platform.
The Euler Finance hack is the largest crypto exploit so far in 2023. On 13 March, 2023, Euler Finance was targeted with a flash loan exploit that drained the protocol of $197 million. Just like in the Poly Network and Allbridge instances, Euler Finance offered the attacker a 10% bounty if they returned the remaining assets. However, the project also took a more aggressive approach with their negotiation strategy and issued a warning that they would give a $1 million reward for information on the attacker if the remaining 90% of the funds were not returned. Despite this warning, the hacker moved approximately $1.78 million to Tornado Cash.
The hacker then messaged Euler Finance via an on-chain message, aiming to set up a secure line of communication.
On March 21, Euler Finance acted on their warning and launched a $1 million bounty against the hacker after the attacker stopped responding. Four days later, the hacker started returning the funds back to Euler along with an apology:
On 3 April, Euler Finance announced on their Twitter account that they recuperated all of their “recoverable funds" after negotiating with the hacker.
They added that since the hacker “did the right thing” they would no longer be accepting new information that would lead to their arrest, meaning the $1 million reward would no longer be available.
On 4 April, 2023, Sentiment Protocol was hacked for close to $1 million. The hacker used a read-only reentrancy bug to exploit an integration between Sentiment and the decentralized exchange Balancer. On 5 April, Sentiment Protocol announced the exploit on their Twitter account and paused the main contract to only enable withdrawals in order to mitigate the loss of further funds.
Sentiment Protocol offered to negotiate with the hacker, giving them a bounty and also threatening that if funds were not returned before 6 April, the bounty’s money would be given to anyone who could provide information on the hacker. Like Allbridge, the protocol also promised they wouldn’t be pursuing legal actions against the attacker. They sent an on-chain message stating:
The next day they offered the hacker a $95,000 bounty if the funds were returned by 8:00 UTC on 6 April. On 6 April, the team announced that the hacker had returned 90% of all funds.
As we have seen in all four cases, all of the protocols issued an ex post facto bounty in return for the stolen assets. Euler Finance and Sentiment Protocol both threatened to hand the bounty to anyone who would come forward with information on the hacker. Both Allbridge and Sentiment also announced that they would not be pursuing legal action against the hacker if funds were returned, while Poly Network made it clear that law enforcement would be contacted. Out of these four protocols, two saw their “recoverable” funds fully returned, while Allbridge is still in the process of negotiations with the second hacker. Sentiment Protocol successfully recuperated 90% of their funds after only two days of negotiations. It appears that the appeal of a bounty is essential in negotiations, though Euler Finance and Poly Network both demonstrated that threatening their attackers with law enforcement or giving bounties to community members for information on the hacker can also be effective strategies.
Protect yourself and your assets by following @CertiK, @CertiKCommunity, and @CertiKAlert on Twitter to stay up to date on all the latest Web3 security news.